Which of the following are appropriate responsibilities of the audit committee in relation to the chief audit executive (CAE)?
1.
Approving the internal audit charter.
2.
Approving decisions regarding the appointment and removal of the CAE.
3.
Approving the risk management strategy for the organization.
4.
Making appropriate inquiries of management and the CAE to determine whether there are inappropriate scope and resource limitations.
A. 1 and 2 only
B. 1, 2, and 3 only
C. 1, 2, and 4 only
D. 2, 3, and 4 only
Which of the following processes or tools can be used as ongoing internal assessments of the performance of the internal audit activity?
1.
Analyses of audit plan completion and cost recoveries.
2.
Selective peer reviews of work papers by staff involved in the respective audits.
3.
Self-assessment of the internal audit activity with on-site validation by a qualified independent reviewer.
4.
Feedback from audit customers and stakeholders.
A. 1 only
B. 1 and 2 only
C. 3 and 4 only
D. 1, 2, and 4 only
Which of the following are appropriate ways to obtain continuous professional education?
1.
Instructing at a local IIA training event.
2.
Attending internal audit conferences and seminars.
3.
Practicing specialized audit and consulting work.
4.
Participating in research projects in internal auditing.
A. 1 and 3 only
B. 1 and 2 only
C. 3 and 4 only
D. 1, 2, and 4 only
Which of the following is correct regarding the implementation of a quality assurance and improvement program for the internal audit function?
A. The board has the primary responsibility for implementation of a robust quality assurance and improvement program for internal audit.
B. An internal audit function that is fully complying with internal assessment of quality can confidently claim it is performing in conformity with the International Professional Practices Framework.
C. The chief audit executive can establish a formal quality assurance and improvement program that is led by an audit manager.
D. A quality assurance and improvement program is applicable depending on the size and complexity of the audit function.
Which of the following would be the least significant consideration when performing a risk analysis?
A. Financial exposure and potential loss.
B. Skills available within the audit staff.
C. Results of prior audits.
D. Major operating changes.
To develop greater internal auditing expertise, the chief audit executive (CAE) has been assigning the same relatively inexperienced team of internal auditors to a series of engagements spanning several months. Is this practice consistent with the Standards?
A. Yes. The CAE is promoting the professional development of the staff.
B. Yes. The experience will quickly build specialized skills and competencies.
C. No. The team should collectively possess the competencies appropriate for the engagements.
D. No. Teams should be comprised of both experienced and inexperienced auditors.
According to the Standards, a review team must express an opinion on which of the following when performing an external assessment of an internal audit activity?
1.
Conformance with the Standards and IIA Code of Ethics.
2.
Effectiveness of continuous improvement activities.
3.
Feedback from internal audit customers and other stakeholder groups.
4.
Efficiency and effectiveness of the internal audit activity's administration processes.
A. 1 only
B. 3 only
C. 1 and 2 only
D. 2 and 4 only
An organization's chief audit executive (CAE) has been asked to conduct an assurance engagement for an information technology system that was subject to a consulting engagement in the prior year. How should the CAE respond?
A. Decline the engagement because independence and objectivity would be impaired.
B. Delay the assurance engagement to ensure that there is a two-year period between the engagements.
C. Accept the engagement and assign different auditors to conduct the assurance services.
D. Facilitate a control self-assessment workshop instead of performing an assurance engagement.
How should management obtain assurance that employees are complying with the organization's security policy?
A. Regularly conduct independent reviews of employees' security practices.
B. Routinely survey staff so that information related to security practices can be submitted anonymously.
C. Rely on exception reports to identify errors.
D. Enforce a policy that requires all employees to sign a statement that they will adhere to the organization's security policies.
What is the primary purpose of a risk management program?
A. Reduce risk to a tolerable level.
B. Reduce all risks regardless of costs.
C. Transfer all risks to external third parties.
D. Identify every significant risk to avoid it.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IIA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your IIA-CIA-PART1 exam preparations and IIA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.